diff --git a/app/Http/Controllers/AssetModelsFilesController.php b/app/Http/Controllers/AssetModelsFilesController.php new file mode 100644 index 0000000000..5064027fff --- /dev/null +++ b/app/Http/Controllers/AssetModelsFilesController.php @@ -0,0 +1,155 @@ +] + * @param AssetFileRequest $request + * @param int $modelId + * @return Redirect + * @since [v1.0] + * @throws \Illuminate\Auth\Access\AuthorizationException + */ + public function store(AssetFileRequest $request, $modelId = null) + { + if (! $model = AssetModel::find($modelId)) { + return redirect()->route('models.index')->with('error', trans('admin/hardware/message.does_not_exist')); + } + + $this->authorize('update', $model); + + if ($request->hasFile('file')) { + if (! Storage::exists('private_uploads/assetmodels')) { + Storage::makeDirectory('private_uploads/assetmodels', 775); + } + + foreach ($request->file('file') as $file) { + + $extension = $file->getClientOriginalExtension(); + $file_name = 'model-'.$model->id.'-'.str_random(8).'-'.str_slug(basename($file->getClientOriginalName(), '.'.$extension)).'.'.$extension; + + // Check for SVG and sanitize it + if ($extension=='svg') { + \Log::debug('This is an SVG'); + + $sanitizer = new Sanitizer(); + $dirtySVG = file_get_contents($file->getRealPath()); + $cleanSVG = $sanitizer->sanitize($dirtySVG); + + try { + Storage::put('private_uploads/assetmodels/'.$file_name, $cleanSVG); + } catch (\Exception $e) { + \Log::debug('Upload no workie :( '); + \Log::debug($e); + } + } else { + Storage::put('private_uploads/assetmodels/'.$file_name, file_get_contents($file)); + } + + + $model->logUpload($file_name, e($request->get('notes'))); + } + + return redirect()->back()->with('success', trans('admin/hardware/message.upload.success')); + } + + return redirect()->back()->with('error', trans('admin/hardware/message.upload.nofiles')); + } + + /** + * Check for permissions and display the file. + * + * @author [A. Gianotto] [] + * @param int $modelId + * @param int $fileId + * @since [v1.0] + * @return View + * @throws \Illuminate\Auth\Access\AuthorizationException + */ + public function show($modelId = null, $fileId = null, $download = true) + { + $model = AssetModel::find($modelId); + // the asset is valid + if (isset($model->id)) { + $this->authorize('view', $model); + + if (! $log = Actionlog::find($fileId)) { + return response('No matching record for that model/file', 500) + ->header('Content-Type', 'text/plain'); + } + + $file = 'private_uploads/assetmodels/'.$log->filename; + \Log::debug('Checking for '.$file); + + + if (! Storage::exists($file)) { + return response('File '.$file.' not found on server', 404) + ->header('Content-Type', 'text/plain'); + } + + if ($download != 'true') { + if ($contents = file_get_contents(Storage::url($file))) { + return Response::make(Storage::url($file)->header('Content-Type', mime_content_type($file))); + } + + return JsonResponse::create(['error' => 'Failed validation: '], 500); + } + + return StorageHelper::downloader($file); + } + // Prepare the error message + $error = trans('admin/hardware/message.does_not_exist', ['id' => $fileId]); + + // Redirect to the hardware management page + return redirect()->route('hardware.index')->with('error', $error); + } + + /** + * Delete the associated file + * + * @author [A. Gianotto] [] + * @param int $modelId + * @param int $fileId + * @since [v1.0] + * @return View + * @throws \Illuminate\Auth\Access\AuthorizationException + */ + public function destroy($modelId = null, $fileId = null) + { + $model = AssetModel::find($modelId); + $this->authorize('update', $model); + $rel_path = 'private_uploads/assetmodels'; + + // the asset is valid + if (isset($model->id)) { + $this->authorize('update', $model); + $log = Actionlog::find($fileId); + if ($log) { + if (Storage::exists($rel_path.'/'.$log->filename)) { + Storage::delete($rel_path.'/'.$log->filename); + } + $log->delete(); + + return redirect()->back()->with('success', trans('admin/hardware/message.deletefile.success')); + } + + return redirect()->back() + ->with('success', trans('admin/hardware/message.deletefile.success')); + } + + // Redirect to the hardware management page + return redirect()->route('hardware.index')->with('error', trans('admin/hardware/message.does_not_exist')); + } +} diff --git a/app/Models/AssetModel.php b/app/Models/AssetModel.php index d4d6776a48..e4e5ac720a 100755 --- a/app/Models/AssetModel.php +++ b/app/Models/AssetModel.php @@ -20,7 +20,7 @@ class AssetModel extends SnipeModel use HasFactory; use SoftDeletes; protected $presenter = \App\Presenters\AssetModelPresenter::class; - use Requestable, Presentable; + use Loggable, Requestable, Presentable; protected $table = 'models'; protected $hidden = ['user_id', 'deleted_at']; @@ -181,6 +181,23 @@ class AssetModel extends SnipeModel return false; } + /** + * Get uploads for this model + * + * @author [A. Gianotto] [] + * @since [v4.0] + * @return \Illuminate\Database\Eloquent\Relations\Relation + */ + public function uploads() + { + return $this->hasMany('\App\Models\Actionlog', 'item_id') + ->where('item_type', '=', AssetModel::class) + ->where('action_type', '=', 'uploaded') + ->whereNotNull('filename') + ->orderBy('created_at', 'desc'); + } + + /** * ----------------------------------------------- * BEGIN QUERY SCOPES diff --git a/resources/views/models/view.blade.php b/resources/views/models/view.blade.php index 015a2cd729..8bd729ae0c 100755 --- a/resources/views/models/view.blade.php +++ b/resources/views/models/view.blade.php @@ -56,7 +56,14 @@ + {!! ($model->uploads->count() > 0 ) ? ''.number_format($model->uploads->count()).'' : '' !!} + + + +
  • + + + {{ trans('button.upload') }}
    • @@ -92,13 +99,101 @@ }'> {{ Form::close() }} - - +
    - kljhglfh +
    +
    + + @if ($model->uploads->count() > 0) + + + + + + + + + + + + + + + + @foreach ($model->uploads as $file) + + + + + + + + + + + @endforeach + +
    {{trans('general.file_type')}}{{ trans('general.image') }}{{ trans('general.file_name') }}{{ trans('general.filesize') }}{{ trans('general.notes') }}{{ trans('general.download') }}{{ trans('general.created_at') }}{{ trans('table.actions') }}
    + @if ( Helper::checkUploadIsImage($file->get_src('assets'))) + + + + @endif + + {{ $file->filename }} + + {{ Helper::formatFilesizeUnits(filesize(storage_path('private_uploads/assetmodels/').$file->filename)) }} + + @if ($file->note) + {{ $file->note }} + @endif + + @if ($file->filename) + + + + @endif + + @if ($file->created_at) + {{ Helper::getFormattedDateObject($file->created_at, 'datetime', false) }} + @endif + + @can('update', \App\Models\AssetModel::class) + + @endcan +
    + + @else + +
    + + {{ trans('general.no_results') }} +
    + @endif + +
    +
    @@ -106,14 +201,26 @@ +
    -
    -
    -
    -

    {{ trans('general.moreinfo') }}:

    -
    -
    -
    +
    +
    + {{ trans('admin/models/table.edit') }} +
    +
    + {{ trans('admin/models/table.clone') }} +
    + +
    +
    +
    +
    +

    {{ trans('general.moreinfo') }}:

    +
    +
    +
    + + @if ($model->image) @@ -207,7 +314,13 @@ @endif
    +
    +
    + +@can('update', \App\Models\AssetModel::class) + @include ('modals.upload-file', ['item_type' => 'models', 'item_id' => $model->id]) +@endcan @stop @section('moar_scripts') diff --git a/routes/web/models.php b/routes/web/models.php index 591edb9f28..2643f02d2f 100644 --- a/routes/web/models.php +++ b/routes/web/models.php @@ -1,6 +1,7 @@ 'models', 'middleware' => ['auth']], function () { + Route::post('{modelID}/upload', + [AssetModelsFilesController::class, 'store'] + )->name('upload/models'); + + Route::get('{modelID}/showfile/{fileId}/{download?}', + [AssetModelsFilesController::class, 'show'] + )->name('show/modelfile'); + + Route::delete('{modelID}/showfile/{fileId}/delete', + [AssetModelsFilesController::class, 'destroy'] + )->name('delete/modelfile'); + Route::get( '{modelId}/clone', [ @@ -74,6 +87,7 @@ Route::group(['prefix' => 'models', 'middleware' => ['auth']], function () { )->name('models.bulkdelete.store'); + }); Route::resource('models', AssetModelsController::class, [